OpenConnect (ocserv) Connected on client side, But Can not open any web page (NO INTERNET) ...

What is known about the Ubaid lizard-people figurines?

How do I name drop voicings

What does an IRS interview request entail when called in to verify expenses for a sole proprietor small business?

Why is "Consequences inflicted." not a sentence?

At the end of Thor: Ragnarok why don't the Asgardians turn and head for the Bifrost as per their original plan?

Bete Noir -- no dairy

How come Sam didn't become Lord of Horn Hill?

How to align text above triangle figure

Withdrew £2800, but only £2000 shows as withdrawn on online banking; what are my obligations?

Check which numbers satisfy the condition [A*B*C = A! + B! + C!]

Can a non-EU citizen traveling with me come with me through the EU passport line?

porting install scripts : can rpm replace apt?

What is the meaning of the new sigil in Game of Thrones Season 8 intro?

String `!23` is replaced with `docker` in command line

Dating a Former Employee

What would be the ideal power source for a cybernetic eye?

Why do we bend a book to keep it straight?

How to react to hostile behavior from a senior developer?

What is Arya's weapon design?

What is a non-alternating simple group with big order, but relatively few conjugacy classes?

What is Wonderstone and are there any references to it pre-1982?

How to call a function with default parameter through a pointer to function that is the return of another function?

Can an alien society believe that their star system is the universe?

Why did the rest of the Eastern Bloc not invade Yugoslavia?



OpenConnect (ocserv) Connected on client side, But Can not open any web page (NO INTERNET)



Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)Cisco AnyConnect Secure Mobility Client service can not start on Windows 7 64 bit systemRoute internet traffic from openvpn tun0 to eth0connected to VPN, but traffic still via normal routeHow do I set up a VPN, such that I can connect to my Samba Share and printer?How can I prevent Cisco Anyconnect, client-side, from setting any IPv6 routes?Mac not setting routes on openconnect with vpnc-clientvpnbook connected but IP not changedClient can connect to my openvpn but cannot reach internetConnected to OpenVPN but no internet connection nor client to clientOpenVPN - Performance issues - Different bandwith on different client systems but same server - Windows & Linux





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







0















Please take a look at these links :
openconnect / ocserv
openconnect / ocserv Installation - CentOS, RHEL, Fedora

I have centos 7.6 as server with public ip.

Also in client machine i have windows 7 os with wireless internet.

I followed these commands to install openconnect on server machine :



sudo yum -y install gnutls-devel libev-devel tcp_wrappers-devel pam-devel lz4-devel libseccomp-devel readline-devel libnl3-devel krb5-devel radcli-devel
sudo yum -y install epel-release
sudo yum repolist enabled
sudo yum info ocserv
sudo yum -y install ocserv
sudo ocpasswd -c /etc/ocserv/ocpasswd test
123
nano -K /etc/ocserv/ocserv.conf


And here is ocserv.conf file :



auth = "plain[passwd=/etc/ocserv/ocpasswd]"

tcp-port = 8090
udp-port = 8090

run-as-user = ocserv
run-as-group = ocserv

socket-file = ocserv.sock

chroot-dir = /var/lib/ocserv

isolate-workers = true

max-clients = 5

max-same-clients = 1

keepalive = 32400

dpd = 90

mobile-dpd = 1800

switch-to-tcp-timeout = 25

try-mtu-discovery = true

server-cert = /etc/pki/ocserv/public/server.crt
server-key = /etc/pki/ocserv/private/server.key

ca-cert = /etc/pki/ocserv/cacerts/ca.crt

cert-user-oid = 0.9.2342.19200300.100.1.1

tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"

auth-timeout = 240

min-reauth-time = 300

max-ban-score = 50

ban-reset-time = 300

cookie-timeout = 300

deny-roaming = false

rekey-time = 172800

rekey-method = ssl

use-occtl = true

pid-file = /var/run/ocserv.pid

device = vpns

predictable-ips = true

default-domain = example.com

ipv4-network = 192.168.102.0
ipv4-netmask = 255.255.255.0

dns = 8.8.8.8
dns = 8.8.4.4

ping-leases = false

cisco-client-compat = true

dtls-legacy = true

user-profile = profile.xml

# Routes to be forwarded to the client. If you need the
# client to forward routes to the server, you may use the
# config-per-user/group or even connect and disconnect scripts.
#
# To set the server as the default gateway for the client just
# comment out all routes from the server, or use the special keyword
# 'default'.

#route = 10.10.10.0/255.255.255.0
#route = 192.168.0.0/255.255.0.0
#route = fef4:db8:1000:1001::/64


After editing ocserv.conf i did these commands :



sudo systemctl start ocserv
sudo systemctl enable ocserv
sudo systemctl status ocserv


Now i downloaded gui software from here on client machine.

Client machine can connect to openconnect with username test successfully.

But the problem is that i can not open any web page on client machine & it seems there is NO INTERNET.

What should i do on server machine to fix this problem?






Firewall is off on both server & client.

I did nothing about routing or forwarding.

I am not familiar with them.

If necessary tell me what should i do about them?

Also i found this link about my situation. But not satisfy...








share|improve this question































    0















    Please take a look at these links :
    openconnect / ocserv
    openconnect / ocserv Installation - CentOS, RHEL, Fedora

    I have centos 7.6 as server with public ip.

    Also in client machine i have windows 7 os with wireless internet.

    I followed these commands to install openconnect on server machine :



    sudo yum -y install gnutls-devel libev-devel tcp_wrappers-devel pam-devel lz4-devel libseccomp-devel readline-devel libnl3-devel krb5-devel radcli-devel
    sudo yum -y install epel-release
    sudo yum repolist enabled
    sudo yum info ocserv
    sudo yum -y install ocserv
    sudo ocpasswd -c /etc/ocserv/ocpasswd test
    123
    nano -K /etc/ocserv/ocserv.conf


    And here is ocserv.conf file :



    auth = "plain[passwd=/etc/ocserv/ocpasswd]"

    tcp-port = 8090
    udp-port = 8090

    run-as-user = ocserv
    run-as-group = ocserv

    socket-file = ocserv.sock

    chroot-dir = /var/lib/ocserv

    isolate-workers = true

    max-clients = 5

    max-same-clients = 1

    keepalive = 32400

    dpd = 90

    mobile-dpd = 1800

    switch-to-tcp-timeout = 25

    try-mtu-discovery = true

    server-cert = /etc/pki/ocserv/public/server.crt
    server-key = /etc/pki/ocserv/private/server.key

    ca-cert = /etc/pki/ocserv/cacerts/ca.crt

    cert-user-oid = 0.9.2342.19200300.100.1.1

    tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"

    auth-timeout = 240

    min-reauth-time = 300

    max-ban-score = 50

    ban-reset-time = 300

    cookie-timeout = 300

    deny-roaming = false

    rekey-time = 172800

    rekey-method = ssl

    use-occtl = true

    pid-file = /var/run/ocserv.pid

    device = vpns

    predictable-ips = true

    default-domain = example.com

    ipv4-network = 192.168.102.0
    ipv4-netmask = 255.255.255.0

    dns = 8.8.8.8
    dns = 8.8.4.4

    ping-leases = false

    cisco-client-compat = true

    dtls-legacy = true

    user-profile = profile.xml

    # Routes to be forwarded to the client. If you need the
    # client to forward routes to the server, you may use the
    # config-per-user/group or even connect and disconnect scripts.
    #
    # To set the server as the default gateway for the client just
    # comment out all routes from the server, or use the special keyword
    # 'default'.

    #route = 10.10.10.0/255.255.255.0
    #route = 192.168.0.0/255.255.0.0
    #route = fef4:db8:1000:1001::/64


    After editing ocserv.conf i did these commands :



    sudo systemctl start ocserv
    sudo systemctl enable ocserv
    sudo systemctl status ocserv


    Now i downloaded gui software from here on client machine.

    Client machine can connect to openconnect with username test successfully.

    But the problem is that i can not open any web page on client machine & it seems there is NO INTERNET.

    What should i do on server machine to fix this problem?






    Firewall is off on both server & client.

    I did nothing about routing or forwarding.

    I am not familiar with them.

    If necessary tell me what should i do about them?

    Also i found this link about my situation. But not satisfy...








    share|improve this question



























      0












      0








      0








      Please take a look at these links :
      openconnect / ocserv
      openconnect / ocserv Installation - CentOS, RHEL, Fedora

      I have centos 7.6 as server with public ip.

      Also in client machine i have windows 7 os with wireless internet.

      I followed these commands to install openconnect on server machine :



      sudo yum -y install gnutls-devel libev-devel tcp_wrappers-devel pam-devel lz4-devel libseccomp-devel readline-devel libnl3-devel krb5-devel radcli-devel
      sudo yum -y install epel-release
      sudo yum repolist enabled
      sudo yum info ocserv
      sudo yum -y install ocserv
      sudo ocpasswd -c /etc/ocserv/ocpasswd test
      123
      nano -K /etc/ocserv/ocserv.conf


      And here is ocserv.conf file :



      auth = "plain[passwd=/etc/ocserv/ocpasswd]"

      tcp-port = 8090
      udp-port = 8090

      run-as-user = ocserv
      run-as-group = ocserv

      socket-file = ocserv.sock

      chroot-dir = /var/lib/ocserv

      isolate-workers = true

      max-clients = 5

      max-same-clients = 1

      keepalive = 32400

      dpd = 90

      mobile-dpd = 1800

      switch-to-tcp-timeout = 25

      try-mtu-discovery = true

      server-cert = /etc/pki/ocserv/public/server.crt
      server-key = /etc/pki/ocserv/private/server.key

      ca-cert = /etc/pki/ocserv/cacerts/ca.crt

      cert-user-oid = 0.9.2342.19200300.100.1.1

      tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"

      auth-timeout = 240

      min-reauth-time = 300

      max-ban-score = 50

      ban-reset-time = 300

      cookie-timeout = 300

      deny-roaming = false

      rekey-time = 172800

      rekey-method = ssl

      use-occtl = true

      pid-file = /var/run/ocserv.pid

      device = vpns

      predictable-ips = true

      default-domain = example.com

      ipv4-network = 192.168.102.0
      ipv4-netmask = 255.255.255.0

      dns = 8.8.8.8
      dns = 8.8.4.4

      ping-leases = false

      cisco-client-compat = true

      dtls-legacy = true

      user-profile = profile.xml

      # Routes to be forwarded to the client. If you need the
      # client to forward routes to the server, you may use the
      # config-per-user/group or even connect and disconnect scripts.
      #
      # To set the server as the default gateway for the client just
      # comment out all routes from the server, or use the special keyword
      # 'default'.

      #route = 10.10.10.0/255.255.255.0
      #route = 192.168.0.0/255.255.0.0
      #route = fef4:db8:1000:1001::/64


      After editing ocserv.conf i did these commands :



      sudo systemctl start ocserv
      sudo systemctl enable ocserv
      sudo systemctl status ocserv


      Now i downloaded gui software from here on client machine.

      Client machine can connect to openconnect with username test successfully.

      But the problem is that i can not open any web page on client machine & it seems there is NO INTERNET.

      What should i do on server machine to fix this problem?






      Firewall is off on both server & client.

      I did nothing about routing or forwarding.

      I am not familiar with them.

      If necessary tell me what should i do about them?

      Also i found this link about my situation. But not satisfy...








      share|improve this question
















      Please take a look at these links :
      openconnect / ocserv
      openconnect / ocserv Installation - CentOS, RHEL, Fedora

      I have centos 7.6 as server with public ip.

      Also in client machine i have windows 7 os with wireless internet.

      I followed these commands to install openconnect on server machine :



      sudo yum -y install gnutls-devel libev-devel tcp_wrappers-devel pam-devel lz4-devel libseccomp-devel readline-devel libnl3-devel krb5-devel radcli-devel
      sudo yum -y install epel-release
      sudo yum repolist enabled
      sudo yum info ocserv
      sudo yum -y install ocserv
      sudo ocpasswd -c /etc/ocserv/ocpasswd test
      123
      nano -K /etc/ocserv/ocserv.conf


      And here is ocserv.conf file :



      auth = "plain[passwd=/etc/ocserv/ocpasswd]"

      tcp-port = 8090
      udp-port = 8090

      run-as-user = ocserv
      run-as-group = ocserv

      socket-file = ocserv.sock

      chroot-dir = /var/lib/ocserv

      isolate-workers = true

      max-clients = 5

      max-same-clients = 1

      keepalive = 32400

      dpd = 90

      mobile-dpd = 1800

      switch-to-tcp-timeout = 25

      try-mtu-discovery = true

      server-cert = /etc/pki/ocserv/public/server.crt
      server-key = /etc/pki/ocserv/private/server.key

      ca-cert = /etc/pki/ocserv/cacerts/ca.crt

      cert-user-oid = 0.9.2342.19200300.100.1.1

      tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"

      auth-timeout = 240

      min-reauth-time = 300

      max-ban-score = 50

      ban-reset-time = 300

      cookie-timeout = 300

      deny-roaming = false

      rekey-time = 172800

      rekey-method = ssl

      use-occtl = true

      pid-file = /var/run/ocserv.pid

      device = vpns

      predictable-ips = true

      default-domain = example.com

      ipv4-network = 192.168.102.0
      ipv4-netmask = 255.255.255.0

      dns = 8.8.8.8
      dns = 8.8.4.4

      ping-leases = false

      cisco-client-compat = true

      dtls-legacy = true

      user-profile = profile.xml

      # Routes to be forwarded to the client. If you need the
      # client to forward routes to the server, you may use the
      # config-per-user/group or even connect and disconnect scripts.
      #
      # To set the server as the default gateway for the client just
      # comment out all routes from the server, or use the special keyword
      # 'default'.

      #route = 10.10.10.0/255.255.255.0
      #route = 192.168.0.0/255.255.0.0
      #route = fef4:db8:1000:1001::/64


      After editing ocserv.conf i did these commands :



      sudo systemctl start ocserv
      sudo systemctl enable ocserv
      sudo systemctl status ocserv


      Now i downloaded gui software from here on client machine.

      Client machine can connect to openconnect with username test successfully.

      But the problem is that i can not open any web page on client machine & it seems there is NO INTERNET.

      What should i do on server machine to fix this problem?






      Firewall is off on both server & client.

      I did nothing about routing or forwarding.

      I am not familiar with them.

      If necessary tell me what should i do about them?

      Also i found this link about my situation. But not satisfy...





      vpn centos cisco-anyconnect






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Feb 19 at 19:40







      SilverLight

















      asked Feb 19 at 18:58









      SilverLightSilverLight

      61441327




      61441327






















          1 Answer
          1






          active

          oldest

          votes


















          -1














          Turn On firewall , and allow the ports 8090 on both udp/tcp






          share|improve this answer








          New contributor




          Ali Ha is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.





















            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "3"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1407557%2fopenconnect-ocserv-connected-on-client-side-but-can-not-open-any-web-page-no%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            -1














            Turn On firewall , and allow the ports 8090 on both udp/tcp






            share|improve this answer








            New contributor




            Ali Ha is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.

























              -1














              Turn On firewall , and allow the ports 8090 on both udp/tcp






              share|improve this answer








              New contributor




              Ali Ha is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.























                -1












                -1








                -1







                Turn On firewall , and allow the ports 8090 on both udp/tcp






                share|improve this answer








                New contributor




                Ali Ha is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.










                Turn On firewall , and allow the ports 8090 on both udp/tcp







                share|improve this answer








                New contributor




                Ali Ha is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.









                share|improve this answer



                share|improve this answer






                New contributor




                Ali Ha is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.









                answered 18 hours ago









                Ali HaAli Ha

                41




                41




                New contributor




                Ali Ha is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.





                New contributor





                Ali Ha is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.






                Ali Ha is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Super User!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1407557%2fopenconnect-ocserv-connected-on-client-side-but-can-not-open-any-web-page-no%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Why not use the yoke to control yaw, as well as pitch and roll? Announcing the arrival of...

                    Couldn't open a raw socket. Error: Permission denied (13) (nmap)Is it possible to run networking commands...

                    VNC viewer RFB protocol error: bad desktop size 0x0I Cannot Type the Key 'd' (lowercase) in VNC Viewer...